By Florence Chafiol-Chaumont from August &
In a recommendation adopted on April 4, 2008, the Article 29
Working Group (gathering all European Union national authorities
competent on matters concerning personal data, of which the
Commission Nationale de l'Informatique et des Libertés,
or CNIL, is a member) detailed rules applicable to search engines.
The Article 29 Working Group indicated that search engines are
subject to regulation 95/46/EC relating to personal data
protection, even if their corporate headquarters are located
outside of the European Union. Consequently, search engines can
only keep personal data collected in the course of their activity
"for a period that does not exceed the time needed to
accomplish the purpose for which they were collected and
processed" (article 6 of the Loi Informatique et
Libertés dated January 6, 1978). After that delay, search
engines are compelled to destroy or "anonymise" that
This recent recommendation from the Article 29 Working Group has
asserted that the conservation period of these data cannot exceed 6
months. According to the CNIL, "a search engine should not
keep indefinitely the historical account of the requests made and
of the websites consulted by a user. This account can reveal
intimate information, such as conjugal problems or political
opinions, through which one can deduce possible habits or a certain
The Article 29 Working Group also reminds search engines in
these recommendations that people whose data are collected by their
services must be informed of their rights, and also the purpose of
the processing of their data and of the conditions under which they
can exercise their rights to access and correct their data, and to
oppose the processing of such data.
The question is now to determine how this obligation will be
implemented by search engines and if the position of the Article 29
Working Group will evolve towards more flexibility in consideration
of the business interests at stake.
*August & Debouzy, Nabarro and GSK Stockman &
Kollegen have announced the entry of two new law firms into their
international alliance. Italian firm Nunziante Magrone and Spanish
firm Rodés & Sala have joined the network, which has
covered England, France and Germany up until now. This alliance was
set up by the English firm Nabarro and now counts over 800 lawyers
based in the five countries.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
In this article Filippo Noseda examines the impact of the Common Reporting Standards (CRS), based on practical examples of data transfer and data breaches and analysed in the light of general tax law principles.
Four years after the overhaul of European data protection laws began, the final text of the new General Data Protection Regulation (GDPR) was approved in Spring 2016 and the new rules will come into effect on 25 May 2018.
This update is dedicated to covering the latest legislative developments affecting the way data is managed and protected, as well as reporting on the most recent news governing data breaches and industry developments.
The market of the so-called "connected vehicles" has been considerably growing since 2015. According to a recent study by AlixPartners, 78 million of connected vehicles will be commercialized in 2018, generating a EUR40 billion turnover.
Some comments from our readers… “The articles are extremely timely and highly applicable” “I often find critical information not available elsewhere” “As in-house counsel, Mondaq’s service is of great value”
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).